Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring Triggers for CLI-Based Mirroring

    In user-specific packet mirroring, you use triggers to identify the user whose traffic you want to mirror and to start the mirroring session. The triggers are similar to the RADIUS attributes used in RADIUS-based mirroring. However, for CLI-based mirroring, AAA can use any supported authentication method, including RADIUS.

    Note: An E Series router supports a maximum of 100 mirror trigger rules.

    Attributes associated with users are examined in the following order of priority to find a match. When a match is found, examination stops.

    1. Account session ID
    2. Calling station ID
    3. Username and virtual router ID
    4. IP address and virtual router ID
    5. Nas-Port-Id

    You specify the triggers with the mirror command, except that the virtual router associated with username or IP address is taken from the VR context from which you issue the command.

    The following considerations apply to trigger rules:

    • A new trigger rule is not applied to matching connected subscribers if any of the subscribers is mirrored by another rule.
    • CLI-initiated mirroring per account session ID creates a rule that continues to exist after the subscriber logs out.
    • RADIUS COA messages affect only currently connected subscribers; they do not create persistent rules.

    Published: 2014-08-14